WhiteSource Raises $75M to Continue Realizing Its Prevention-Centric Product Vision

The investment underscores rapid expansion of the application attack surface and fundamental sector demands for action-based prevention models

TEL AVIV AND BOSTON – April 7, 2021 – WhiteSource, the leader in open source security and management, today announced it has raised $75 million in Series D funding led by Pitango Growth, with participation by existing investors M12, Susquehanna Growth Equity, and 83North. This additional round brings WhiteSource’s total funding to $121.2 million.

Over the past three years, WhiteSource has seen a fivefold increase in customers and 800% revenue growth, underscoring the enormous demand by organizations developing software to effectively manage their use of open source components. Given that more than 70% of enterprise application portfolios have become more vulnerable to attack over the past year, developers face increasing pressure to become security experts, as companies also struggle to decide how much security they will sacrifice in the name of speed. WhiteSource has been bridging this gap in application security by providing its remediation-centric solution to more than 800 companies globally, helping organizations better protect their software applications without affecting the speed of software delivery or its performance.

“Application security needs have gone beyond just detection to include continuous prioritization and prevention, as demonstrated by recent software supply chain attacks,” said Rami Sass, Co-Founder and CEO of WhiteSource. “This investment brings us closer to creating a future where the cycle of application delivery is always a step ahead of any security risk, and where developers are easily equipped with code they can trust.”

This round of funding also reflects the pace and scale with which WhiteSource has been adopted globally, enabling it to become strategically self-sufficient in financing its own growth. Named the leader in the Forrester Wave Software Composition Analysis, WhiteSource’s auto-remediation solution for open source vulnerabilities has proved successful within the enterprise market, with customers including Microsoft, IBM, Comcast and Pitney Bowes.

“WhiteSource has established the standard for open-source security. We are excited to support them as they strengthen their leadership and expand their platform to a complete application security solution” said Isaac Hillel, Managing Partner at Pitango Growth, who will also be joining the WhiteSource Board of Directors. “We have been watching their growth with great interest, and we are excited to partner with them as they embark upon their next chapter of industry leadership.”

WhiteSource has offices in the U.S., UK, and Israel. The company was founded to provide a platform for collaborative open source security at scale. Using WhiteSource’s platform, organizations reduce up to 85% of security alerts by prioritizing vulnerabilities, and auto-remediating them using community-verified fixes.

“Early on, we recognized WhiteSource as a leader in the ‘shift left’ movement, helping enterprises take cybersecurity precautions earlier in the software development lifecycle,” said Mony Hassid, M12 managing director and EMEA lead. “Since our initial investment in 2017, WhiteSource has made Microsoft a customer and a go-to-market partner with joint sales and product integrations via the M12 platform. We’re proud to support WhiteSource’s impressive growth and promote their vision for automated open source security.”

“In its early days, WhiteSource was part of Peregrine Ventures’ incubator, Incentive. We’d like to thank the Israel Innovation Authority for their support through the Incubators Program,” said Lior Shahory, GP at Peregrine and head of its incubator. “WhiteSource is now a global leader in open source management and we are proud of its success.”

About Mend.io

Trusted by the world’s leading companies, including IBM, Google, and Comcast, Mend.io offers a full-spectrum application security platform designed to help leading organizations build and manage mature AppSec programs, enabling them to stop chasing vulnerabilities and start proactively managing application risk.